Internal control evaluation report in 2021
Kbc Corporation Ltd(688598) all shareholders:
According to the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control supervision requirements (hereinafter referred to as the enterprise internal control standard system), combined with the company's (hereinafter referred to as the company's) internal control system and evaluation methods, on the basis of daily and special supervision of internal control, We evaluated the effectiveness of the company's internal control on December 31, 2021 (the benchmark date of the internal control evaluation report). I Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise's internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company's internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results. II Internal control evaluation conclusion 1 On the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting
□ yes √ no
2. Evaluation conclusion of internal control over financial reporting
√ valid □ invalid
According to the identification of major defects in the company's internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise's internal control standard system and relevant regulations. 3. Whether major defects in internal control over non-financial reporting are found
□ yes √ no
According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report. 4. Factors affecting the evaluation conclusion of internal control effectiveness from the benchmark date of internal control evaluation report to the date of issuance of internal control evaluation report □ applicable √ not applicable
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.
5. Whether the internal control audit opinion is consistent with the company's evaluation conclusion on the effectiveness of internal control over financial reporting
√ yes □ No 6 Whether the disclosure of major defects in internal control of non-financial reports in the internal control audit report is consistent with the disclosure of the company's internal control evaluation report √ yes □ no III Internal control evaluation (I) Scope of internal control evaluation
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. 1. The main units included in the evaluation scope include: Kbc Corporation Ltd(688598) and its subsidiaries. 2. Proportion of units included in the scope of evaluation:
Proportion of indicators (%)
The ratio of the total assets of the units included in the evaluation scope to the total assets of the company's consolidated financial statements 100
The total operating income of the units included in the evaluation scope accounts for 100% of the total operating income in the company's consolidated financial statements
3. The main operations and matters included in the scope of evaluation include:
Internal environment, risk assessment, control activities, information and communication, internal supervision, etc. 4. High risk areas of focus mainly include:
Procurement and payment management, sales and collection management, cost and expense management, inventory management, fixed assets management, financial management and report management, financing management, management of major investment, external guarantee and related party transactions, etc. 5. The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company's operation and management. Is there any major omission
□ yes √ No 6 Is there a statutory exemption
□ yes √ No 7 Other explanatory matters
None (II) Basis of internal control evaluation and identification standard of internal control defects
The company organizes and carries out internal control evaluation according to the enterprise internal control standard system and the company's internal control system. 1. Whether the specific identification standard of internal control defects is adjusted with that of previous years
□ yes √ no
According to the identification requirements of the enterprise internal control standard system for major defects, important defects and general defects, and in combination with the company's scale, industry characteristics, risk preference, risk tolerance and other factors, the board of directors of the company distinguished internal control over financial reports from internal control over non-financial reports, and studied and determined the specific identification standards of internal control defects applicable to the company, And consistent with previous years. 2. Identification standard of internal control defects in financial reporting
The quantitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:
Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard
Total profit greater than or equal to 5% greater than or equal to 3% less than 5% less than 3%
Total assets greater than or equal to 2% greater than or equal to 1% less than 2% less than 1%
explain:
The company adopts the quantitative standard for determining the internal control defect of financial report by the impact degree of internal control defect on total profit or total assets. If the internal control defect may cause the misstatement amount of financial statements to be greater than or equal to 5% of total profit or 2% of total assets, the defect is considered as a major defect; If it is less than 5% of the total profit, greater than or equal to 3%, or less than 2% of the total assets, greater than or equal to 1%, the defect is deemed to be an important defect; If it is less than 3% of the total profit or 1% of the total assets, the defect is considered as a general defect.
The qualitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:
Qualitative standard of defect nature
Major defects 1) ineffective control environment; 2) Fraud of directors, supervisors and senior managers of the company; 3) There is a material misstatement in the current financial statements, but the internal control fails to find the misstatement in the operation process; 4) Make misstatement correction for major errors in the announced financial report; 5) Major defects that have been found and reported to the management have not been corrected within a reasonable time; 6) The internal control supervision of the company by the audit committee and the internal audit department is invalid.
Significant defects 1) failure to select and apply accounting policies in accordance with generally accepted accounting standards; 2) Failure to establish anti fraud procedures and control measures; 3) No corresponding control mechanism has been established or implemented for the accounting treatment of unconventional or special transactions, and there is no corresponding compensatory control; 4) There are one or more defects in the control of the financial reporting process at the end of the period, and it can not reasonably ensure that the prepared financial statements achieve the true and complete goal.
General defects refer to other control defects other than the above major defects and important defects.
explain:
When it is difficult to determine the amount of impact caused by internal control defects, the company identifies major defects, important defects and general defects in internal control over financial reporting by analyzing the severity of the business nature involved, the nature of direct or potential negative impact, the scope of impact and other factors. 3. Identification standard of internal control defects in non-financial reporting
The quantitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:
Index name major defect quantitative standard important defect quantitative standard general defect quantitative standard
Total profit greater than or equal to 5% greater than or equal to 3% less than 5% less than 3%
Total assets greater than or equal to 2% greater than or equal to 1% less than 2% less than 1%
explain:
The company adopts the quantitative standard for determining the internal control defect of non-financial report by the impact of internal control defect on total profit or total assets. If the internal control defect may cause the misstatement amount of financial statements to be greater than or equal to 5% of total profit or 2% of total assets, the defect is considered as a major defect; If it is less than 5% of the total profit, greater than or equal to 3%, or less than 2% of the total assets, greater than or equal to 1%, the defect is deemed to be an important defect; If it is less than 3% of the total profit or 1% of the total assets, the defect is considered as a general defect.
The qualitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:
Qualitative standard of defect nature
Major defects 1) the company's business activities seriously violate national laws and regulations; 2) Lack of democratic decision-making procedures, unscientific decision-making procedures, major mistakes, causing major property losses to the company; 3) The company's major assets are privately occupied; 4) The company has been severely punished by the CSRC or warned by the stock exchange; 5) Serious quality, environment and occupational health and safety incidents occur in the company; 6) Lack of institutional control or systematic failure of important business
Effective.
Important defects 1) the company has the behavior of failure in the use of large assets; 2) There is a lack of control standards or ineffective standards in the company's key business operations; 3) Defects in important business system or control system; 4) Important quality, environment and occupational health and safety events occur in the company; 5) The company's management has important ultra vires.
General defects are other control defects except the above major and important defects.
explain:
When it is difficult to determine the amount of impact caused by internal control defects, the company identifies major defects, important defects and general defects in internal control over financial reporting by analyzing the severity of the business nature involved, the nature of direct or potential negative impact, the scope of impact and other factors. (3) Identification and rectification of internal control defects 1 Identification and rectification of internal control defects in financial reporting 1.1 Major defects
Whether the company has major defects in internal control over financial reporting during the reporting period □ yes √ no 1.2 Important defects
Whether the company has significant defects in internal control over financial reporting during the reporting period □ yes √ no 1.3 General defect
General defects in internal control are found, and relevant departments and responsible persons are instructed to formulate rectification plans, which have been rectified. 1.4. After the above rectification, on the benchmark date of the internal control evaluation report, does the company have any major defects in the internal control of financial reporting that have not been rectified □ yes √ no 1.5 After the above rectification, on the benchmark date of the internal control evaluation report, whether the company has any important defects in the internal control of financial reporting that have not been rectified □ yes √ No 2 Identification and rectification of internal control defects in non-financial reporting 2.1 Major defects
Whether the company found any major defects in internal control over non-financial reporting during the reporting period □ yes √ no 2.2 Important defects
Whether the company found any significant defects in internal control over non-financial reporting during the reporting period □ yes √ no 2.3 General defect
General defects in internal control are found, and relevant departments and responsible persons are instructed to formulate rectification plans, which have been rectified.
2.4. After the above rectification, on the benchmark date of the internal control evaluation report, does the company find any major defects in the non-financial reporting internal control that have not been rectified □ yes √ no 2.5 After the above rectification, on the benchmark date of the internal control evaluation report, whether the company finds any important defects in non-financial reporting internal control that have not been rectified □ yes √ no IV Description of other major matters related to internal control 1 Rectification of internal control defects in the previous year □ applicable √ not applicable 2 Operation of internal control in this year and improvement direction in the next year
√ applicable □ not applicable
In 2021, according to the management's deployment and relevant requirements for the work of the internal control system, the company actively did a good job in the work related to internal control, steadily promoted the construction and improvement of the internal control system, continued to explore and improve the internal control working mechanism, strengthened the system construction in various business fields, promoted the integration and optimization of the internal control system, and realized the major risk assessment, monitoring and tracking, Give play to the rigid constraint of information system and enhance the company's anti risk ability.
In 2022, the company will continue to promote system integration and optimization and strictly implement various rules and regulations. Implement major risk assessment and monitoring, promote the improvement of internal control supervision and evaluation, strengthen information management and control, and establish and improve a strict, standardized, comprehensive and effective internal control system guided by risk management and focusing on compliance management and supervision. In addition, further establish and strengthen the internal control concept of institutionalized management, institutionalized process and process informatization, embed the concept and requirements of internal control into the business process, promote the company to carry out various business activities in accordance with the law, form a comprehensive, full staff, whole process and whole system risk prevention and control mechanism, and effectively and comprehensively improve the effectiveness of the company's internal control system. 3. Description of other major events
□ applicable √ not applicable
